<?php 
	session_start(); 
	include('user_type/system.php');
	include('access/login_functions.php');
	include("access/opendb.php"); 
	$_SESSION['restricted'] = true;
	check_logged_in();	if ($_SESSION['Status'] == "NewModerator") { send_to_page('firstTimeLogin.php'); }	if ($_SESSION['Status'] == "NewModerator") { send_to_page('firstTimeLogin.php'); }	if ($_SESSION['Status'] == "NewModerator") { send_to_page('firstTimeLogin.php'); }
	
	if (!isset($_GET['ID']))
	{
		$curPage = $_SESSION['curPage'];
		send_to_page($curpage);
	}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
		<meta name="keywords" content="KEYWORDS HERE!!!!">
		<meta name="description" content="Descrition Here!!!">
 
	<link rel="stylesheet" type="text/css" href="style_1.css">
	
</head>
<body>


<div class="above_body"> <!-- closing tag is in template navbar -->
<div id="header" class="floatcontainer doc_header">
	<div><a name="top" href="home.php" class="logo-image"><img src="images\QUESTwtrl2.png"  title=""></a></div>
	<div id="toplinks" class="toplinks">
		
			<ul class="nouser">
			<!--
				<?php if (!isset($_SESSION['user'])) echo "<li><a href=\"register.php\" rel=\"nofollow\">Register</a></li>"; ?>
			-->
				<li>
			
			<form id="navbar_loginform" action="access/login.php" method="post" >
					<input type="hidden" name="currentPage" value="<?php echo System::curPageName(); ?>" />
						<fieldset id="logindetails" class="logindetails">
							<div>
								<div>
							
							<?php // check if user is logged in
								if(isset($_SESSION['user']))
								{	
									$user = $_SESSION['user'];
									$_SESSION['curPage'] = System::curPageName(); 
									// if so, display username with tools
									echo "<div style=\"font-size: 16px; font-weight: bold;\">";
									echo "Welcome, $user <br />";
									echo "<a href=\"access/logout.php\">Log Out</a>";
									echo "<a href=\"userTools.php\">myTools</a>";
									echo "<a href=\"userInfo.php\">myProfile</a>";
									
									echo "</div>";
								}
								else
								{	// otherwise, display login form
									echo "<input type=\"text\" class=\"textbox default-value\" name=\"user\" id=\"navbar_username\" size=\"10\" tabindex=\"101\" value=\"Username\"> ";
									echo "<input type=\"password\" class=\"textbox default-value\" tabindex=\"102\" name=\"pass\" id=\"navbar_password_hint\" size=\"10\" value=\"Password\" style=\"display: inline; \"> ";
									echo "<input type=\"submit\" class=\"loginbutton\" tabindex=\"104\" value=\"Log in\" title=\"Enter your username and password in the boxes provided to login.\" accesskey=\"s\">";
								}
							?>
								</div>
								
							</div>
						</fieldset>
					</form>
			
				</li>
			</ul>
		
	</div>
	<div class="ad_global_header">
		 
		 
	</div>
	<hr>
</div> 
<div id="navbar" class="navbar">

	<ul id="navtabs" class="navtabs floatcontainer"></ul>
	<div id="globalsearch" class="globalsearch"></div>
	
</div>
</div><!-- closing div for above_body -->

<form id="complaintForm" action="process/processComplaint.php" name="register" method="post" class="vbform block">
	<h2 class="blockhead">Complaint Form</h2>
	<div class="blockbody formcontrols">
		<!-- use hidden form to transfer data about userName, contentInfo, and userID -->
		<?php 	
			if (isset($_GET['CID']))	// complaint about author's content!
			{
				$type = $_GET['type'] . 's_table';	// will either be ARTICLEs_table or IMAGEs_table
				$cid = $_GET['CID'];
				
				// retrieve userID and filename associated with content
				$result = mysql_query("SELECT * FROM $type WHERE CID=$cid");
				if ($result)
				{
					$entry = mysql_fetch_array($result);
					
					$uid = $entry['UID'];
					$filename = $entry['Filename'];
					
					$result = mysql_query("SELECT * FROM user_table WHERE UID=$uid");
					if ($result)
					{
						$entry = mysql_fetch_array($result);
						$complaintAgainst = $entry['Username'];
					}
					
					if ($type == "image")
						$filename = substr($filename, 7);
					else
						$filename = substr($filename, 9);
				}
			}
			else	// complaint about author
			{
				$UID = $_GET['UID'];
				$result = mysql_query("SELECT * FROM user_table WHERE UID=$UID");
				if ($result)
				{
					$entry = mysql_fetch_array($result);
					$complaintAgainst = $entry['Username'];
				}
				
			}
		?>
		<h3 class="blocksubhead">Complaint Against: <?php echo $complaintAgainst; ?></h3>
		<h3 class="blocksubhead">About: 
		<?php 
			if (isset($_GET['UID']))
				echo "The Member";
			else
			{
				if ($_GET['type'] == "image")
					echo "The Image [";
				else
					echo "The Article [";
				
				echo $filename . "]";; 
			}
		?>
		</h3>
		
		<div class="section">
			<div class="blockrow">
				What seems to be the problem?
			</div>

			<div class="blockrow">
				<textarea rows="5" cols="135" name="complaint"></textarea>
			</div>
			
			<input type="hidden" name="CID" value="<?php echo $CID; ?>" />
			<input type="hidden" name="UID" value="<?php echo $UID; ?>" />
			<input type="hidden" name="username" value="<?php echo $complaintAgainst; ?>" />
			<div class="blockrow" style="text-align: right;" >
				<input type="submit" class="button" value="Submit Complaint!">
			</div>
			
			<?php
				if (!empty($_SESSION['resultMessage']))
					echo "<div class=\"blockrow\" style=\"text-align: center; font-weight: bold;\">" . $_SESSION['resultMessage'] . "</div>";
			?>
		</div>
			
	</div>
</form>
<?php include("access/closedb.php"); ?>
 </body></html>
 